Re: IBM Sterling Connect:Direct -- MIDRANGE-L

Subject: Re: IBM Sterling Connect:Direct
From: Rob Berendt <rob@xxxxxxxxx>
Date: Wed, 1 Feb 2017 07:42:43 -0500
List-archive: <http://archive.midrange.com/midrange-l/>
List-help: <mailto:midrange-l-request@midrange.com?subject=help>
List-id: Midrange Systems Technical Discussion <midrange-l.midrange.com>
List-post: <mailto:midrange-l@midrange.com>
List-subscribe: <http://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=subscribe>
List-unsubscribe: <http://lists.midrange.com/mailman/options/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=unsubscribe>

Again, about running a MFT program on IBM i 7.1...
You might want to read the following
"Lack Of Ciphers In IBM i 7.1 Raises Concern"
https://www.itjungle.com/2017/02/01/lack-ciphers-ibm-7-1-raises-concern/

We use the MFT program GoAnywhere which uses it's own ciphers.
We do, however, tend to drop off old ciphers pretty rapidly. We have an
scanning service and if it sees that we use vulnerable ciphers we get
dinged on our security audit.

Does Sterling use it's own ciphers, or does it only use ciphers provided
by the OS?
I said before that, since they require that IBM's DCM be loaded on the
box, I seriously doubt they use their own ciphers.
Do you see anywhere in their announcements anything like "new ciphers
supported in 3.8"?
Do you see anything in their support documents on how to disable
vulnerable ciphers?

Rob Berendt

As an Amazon Associate we earn from qualifying purchases.

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.